Software Improvement Group (SIG) has published the State of Software 2026, highlighting key findings on how AI is reshaping software quality, complexity, and risk across the enterprise. The report examines the hidden costs and risks of enterprise software amid accelerating AI adoption. It explores how software development is changing as AI-assisted coding becomes mainstream and as AI agents increasingly write, test, and merge code with reduced human involvement.
The central finding is that AI neither fixes nor undermines software discipline on its own. It amplifies what is already there. Where code quality and architecture are measured, managed, and governed, AI accelerates delivery. Where they are not, AI can accelerate the accumulation of technical debt, increase costs, and widen security exposure.
“Nothing in this report is an argument against AI. The productivity gains are real, and the organisations that fail to embrace it risk falling behind those that learn to use it effectively. But you cannot manage what you do not measure, and you cannot sustain speed on a foundation you do not understand. When code generation outruns governance, technical debt accumulates faster, security exposure widens, and the systems a business depends on become harder to maintain and evolve” said Luc Brandts, CEO at Software Improvement Group.
Key findings
- AI adoption in enterprise: AI-generated code now accounts for 1.9% of enterprise production code.
- AI code security: In SIG’s testing, AI-generated code carries roughly double the security risk violations of human-written code.
- Non-agentic AI-assisted engineering cost: AI token spend for a team of 50 developers now averages the equivalent of nearly one additional developer.
- Agentic coding tasks can consume up to 1,000 times more tokens than standard code chat or reasoning.
- Technical debt: Reducing code-level technical debt can save €870,000 in developer time per system per year.
- Maintainability: 86% of code falls below SIG’s recommended maintainability rating.
- Architecture: 50% of code scores below SIG’s recommended architecture rating, and a stronger architecture cuts issue-resolution time by 30%.
- Security: 71% of code has a low degree of security controls, and systems with lower code-level technical debt show up to 72% stronger security compliance.
- AI systems engineering: 72% of AI systems in production score below SIG’s recommended build-quality rating.
The report draws on Software Improvement Group’s benchmark data, set against independent research. SIG’s benchmark spans more than 30,000 systems and over 400 billion lines of code; this year’s findings draw on the systems analyzed over the past year.
Download the State of Software 2026 here:
softwareimprovementgroup.com/wp-content/uploads/State-of-Software-2026.pdf
